About

Andrea Barisani is an internationally recognized security researcher.
Since owning his first Commodore-64 he has never stopped studying new
technologies, developing unconventional attack vectors and exploring what makes
things tick...and break.

His experiences focus on large-scale infrastructure defense,
penetration testing and code auditing with particular focus on safety critical
environments, with more than 15 years of professional experience in security
consulting.

Being an active member of the international open source and security
community he contributed to several projects, books and open standards. He is
the founder of the oCERT effort, the Open Source
Computer Security Incident Response Team.

He is a well known international speaker, having presented at
BlackHat, CanSecWest, Chaos Communication Congress, DEFCON, Hack In The Box,
among many other conferences, speaking about innovative research on automotive
hacking, side-channel attacks, payment systems, embedded system security and
many other topics.

Industries

Co-author of the very first research on vehicle security, vast experience in securing all kind of automotive embedded systems such as telematic control units, infotainment systems and ECUs.

Avionics

A focal point, with many years of experience, for aircraft and avionics manufacturers in auditing their safety critical systems from hardware or software security issues.

Consumer

Deep knowledge and experience in the convergence between software and hardware, aimed at securing all layers and protect intellectual property on all kind of consumer electronics.

Enterprise

Vast experience in security auditing for major IT infrastructures of the largest enterprise environments, including large scale penetration testing, application auditing and IDS deployment.

Financial

Co-author of leading research in credit card security, discovering novel flaws in Chip & PIN systems. Vast experience in securing entire banking infrastructures from consumer card chips to POSes and up to transaction backends.

Industrial

Specialized in securing safety critical infrastructure from the ground up, including hardware, firmware and software auditing of proprietary control systems with air, land, sea or space applications.